In this episode, John James Jacoby and I are joined by Heather Burns, Founder of WebDevLaw. We have a lengthy discussion about GDPR (General Data Protection Regulation), what it is, what’s at stake, and its potential impacts on the WordPress ecosystem. We also discuss the cultural differences between the North American and European views on user privacy.

When asked what she hopes to see as we approach May of 2018, Burns replied:

“I want to see all hands on deck making WordPress a force for good, that people can trust, and that people can be empowered to change for the better. Don’t let the fact that it involves law put you off. GDPR is a toolkit for empowerment, it’s a means for protecting and safeguarding your users in these quite scary times we’re living in. And it will make you a better developer and site administrator in the end.”

Shifting political currents – some of which are openly racist, xenophobic, and authoritarian – have put everyday users of online services at real risk. Global geopolitics means that the borders we have always known are changing under our feet. Walls are being built. People are being threatened

Capitalism doesn’t give a flying f*ck about real people as long as money is made. This is a step in the right direction to balance that out.

GDPR? The European Union is becoming notorious for this kind of poorly devised impotent bureaucratic BS and poorly thought out regulation which does nothing to solve a problem, and annoys the bejeebers out of everyone with half a brain, developers, businesses and users alike.

I do feel that way about the cookie laws and some other initiatives but not with GDPR. What do you propose should be done to strengthen data protections and cut back on businesses storing endless personal data at the expense of users, security and democracy?

GDPR does appear to increase the burden on storing data. I hope its immediate side effect is that businesses will treat personal data for what it is: not frame it as an asset but treat it like a liability. Every data breach erodes trust and undermines the web, the economy, security, citizens’ power and democracy. And organizations liberally sharing data for corporate and/or political goals are directly and indirectly chipping at a society worth living in. So let’s store less personally identifiable data instead.

If those that are critical of GDPR had actually understood what it was about, perhaps they would be less critical. It’s all about protecting individuals’ rights: if you fill in an order form on a website with your personal details, name, address etc., you want to know that a. your details are not going to be easily hacked and b. the website owner is not going to sell your details to other people without your permission. This is the basis for GDPR. Now, if you are based outside the EU it may be harder to prosecute you for breaking the EU laws, but it’s very easy for the EU to block websites that do not comply.